#!/usr/bin/python
#
# Filename:  connect_custom_cnc_server_telnet.py
#
# Version: 1.0.0
#
# Author:  Joe Gervais (TryCatchHCF)
#
# Summary:
#
#	Part of the DumpsterFire Toolset. See documentation at https://github.com/TryCatchHCF/DumpsterFire
#
# 	Attempts a Telnet connection to whatever IP address, username, and password were supplied via
#	the Fire's Configure() method. The original thought was to supply a series of Fires that
#	would try to connect to known sinkholed C&C addresses, but I quickly realized there were 
#	serious liability issues there, particularly since those are external connections that
#	would be visible for all to see, especially the owners of the sinkholed addresses, who
#	are often associated with law enforcement. Definitely NOT the kind of attention you want
#	to attract during your drills and engagements.
#
#	So instead, I've opted to provide several generic custom C&C connection options, using
#	a few different protocols. You provide the IP address / domain name and any necessary
#	creds. There are good reasons you may want to test sinkholed domains, but that's up to 
#	you now via custom settings.
#
# Description:
#
#

import os, sys, telnetlib, datetime

from FireModules.fire_module_base_class import *

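class connect_custom_cnc_server_telnet( FireModule ):
	"""Fire that opens a Telnet session to an operator-supplied "C&C" host and sends a login.

	The address, username and password come from Configure() or SetParameters().
	Ignite() connects to TCP port 23, waits for the "login: " and "Password: "
	prompts, writes the configured credentials and then closes the session.

	Telnet carries the username and password in cleartext, and GetParameters()
	returns the password in cleartext as well, so configure throwaway exercise
	credentials only and treat stored parameter strings as sensitive.
	"""

	# TCP port used for the connection attempt.
	TELNET_PORT = 23

	# Seconds to wait for the connect and for each login prompt. Without a timeout
	# read_until() blocks until the expected prompt arrives, so a host that never
	# sends it would stall the Fire indefinitely.
	TELNET_TIMEOUT_SECS = 10

	def __init__( self, moofStr=None ):
		"""Start with blank connection settings.

		moofStr is accepted and ignored. The class previously defined __init__
		twice, so only the one-argument form was ever in effect; the default
		lets both call styles work.
		"""
		self.commentsStr = "Malware/connect_custom_cnc_server_telnet"
		self.networkAddrStr = ""
		self.cncUserName = ""
		self.cncPassword = ""

	def Description( self ):
		"""Return the one-line description of this Fire."""
		# Returned directly instead of being stored in self.Description: that
		# assignment replaced this method on the instance, so a second call
		# to Description() failed with "'str' object is not callable".
		return "Attempts to open telnet connection to \"C&C\" server IP address / system, as assigned via Configuration."

	def _parseParameters( self, parametersStr ):
		"""Split "address,username,password" into the three connection settings.

		Missing trailing fields are left blank; fields after the third are ignored.
		"""
		# Every space is removed before splitting, so a value that contains a
		# space or a comma cannot be represented in the parameter string.
		parameterElementList = parametersStr.replace( ' ', '' ).split( "," )

		# Pad short input so it yields blank settings rather than an IndexError;
		# Ignite() reports a blank address instead of connecting.
		parameterElementList += [ "" ] * ( 3 - len( parameterElementList ) )

		self.networkAddrStr = parameterElementList[ 0 ]
		self.cncUserName = parameterElementList[ 1 ]
		self.cncPassword = parameterElementList[ 2 ]

	def Configure( self ):
		"""Prompt the operator for the address, username and password."""
		print "Enter IP address, username, password as comma-separated fields. Ex: 10.1.1.2, admin, ReallyBadPassword"
		print ""
		self.configStr = raw_input( "Enter C&C address, username, password: " )
		print ""

		# Get rid of whitespace in the Config string
		self.configStr = self.configStr.replace( ' ', '' )

		self._parseParameters( self.configStr )

		return

	def GetParameters( self ):
		"""Return the settings as "address, username, password".

		The password is included in cleartext.
		"""
		return( self.networkAddrStr + ", " + self.cncUserName + ", " + self.cncPassword )

	def SetParameters( self, parametersStr ):
		"""Load the settings from a string in the format GetParameters() returns."""
		self._parseParameters( parametersStr )

		return

	def ActivateLogging( self, logFlag ):
		"""Print the requested logging flag; no other logging state is changed here."""
		print self.commentsStr + ": Setting Logging flag!"
		print logFlag
		return

	def Ignite( self ):
		"""Attempt the Telnet connection and login, printing the outcome.

		Prints an error and returns if no address is configured. Connection and
		login failures are reported with a printed message rather than raised.
		"""
		if ( self.networkAddrStr == "" ):
			print "## ", self.commentsStr, ": Error - Network address string is blank"
			return

		self.mCurrentDateTimeUTC = datetime.datetime.utcnow()

		print "UTC", self.mCurrentDateTimeUTC.strftime("%x %X"), "- Attempting telnet connection to:", self.networkAddrStr

		telnetSession = None

		try:
			telnetSession = telnetlib.Telnet( self.networkAddrStr, self.TELNET_PORT, self.TELNET_TIMEOUT_SECS )

			print "Telnet session established to host:", self.networkAddrStr

			# read_until() returns what it has when the timeout expires, so the
			# credentials are still sent if the host uses a different prompt.
			telnetSession.read_until( "login: ", self.TELNET_TIMEOUT_SECS )
			telnetSession.write( self.cncUserName + "\n" )

			telnetSession.read_until( "Password: ", self.TELNET_TIMEOUT_SECS )
			telnetSession.write( self.cncPassword + "\n" )

		except Exception:
			# Best effort: the Fire reports the failure and carries on. Catching
			# Exception instead of everything lets Ctrl-C still interrupt the run.
			print "Could not establish telnet connection"

		finally:
			# Close the socket explicitly instead of leaving it to garbage collection.
			if telnetSession is not None:
				telnetSession.close()

		return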
		
